package com.sophos.smsec.cloud.azure;

import android.annotation.SuppressLint;
import android.app.admin.DevicePolicyManager;
import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.os.Handler;
import android.os.ResultReceiver;
import android.text.TextUtils;
import android.widget.Button;
import android.widget.ProgressBar;
import android.widget.Toast;
import androidx.fragment.app.q;
import com.auth0.android.jwt.JWT;
import com.microsoft.identity.client.Logger;
import com.microsoft.identity.client.a;
import com.microsoft.identity.client.exception.MsalException;
import com.microsoft.identity.client.j;
import com.microsoft.identity.common.internal.logging.ILoggerCallback;
import com.microsoft.identity.common.internal.logging.Logger;
import com.microsoft.identity.common.internal.providers.microsoft.MicrosoftIdToken;
import com.sophos.mobilecontrol.client.android.command.definition.CommandRest;
import com.sophos.smsec.cloud.o.m;
import com.sophos.smsec.core.resources.apprequirements.PhoneRuntimePermissionCheck;
import com.sophos.smsec.core.resources.apprequirements.RuntimePermissionCheck;
import com.sophos.smsec.plugin.webfiltering.r;
import java.io.Serializable;
import java.util.Arrays;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes3.dex */
public class AzureAuthenticationHelper implements Serializable {
    public static final String GOOGLE_CLOUD_DPC = "com.google.android.apps.work.clouddpc";
    public static final String MICROSOFT_COMPANY_PORTAL_PKG = "com.microsoft.windowsintune.companyportal";
    public static final String MICROSOFT_INTUNE_PKG = "com.microsoft.intune";
    public static final String MS_ERROR = "MS_ERROR";
    public static final String MTD_DEVICE_NAME_PREFIX = "MTD_";
    public static final String MTD_ENROLLMENT_TYPE = "MTD";
    public static final int REQUEST_ENROLL = 2138;
    public static final int RESULT_AZURE_KILLALL_CANCELED = 2137;
    public static final int RESULT_AZURE_KILLALL_OK = 2136;
    public static final String SOPH_ERROR = "SOPH_ERROR";
    public static final String START = "START";
    public static final String SUCCESS = "SUCCESS";
    public static final String USER_ERROR = "USER_ERROR";

    /* renamed from: a, reason: collision with root package name */
    private static final boolean f10858a = false;

    /* renamed from: b, reason: collision with root package name */
    private static RuntimePermissionCheck f10859b = null;

    /* renamed from: c, reason: collision with root package name */
    private static PhoneRuntimePermissionCheck f10860c = null;
    private static final long serialVersionUID = 1;
    private androidx.appcompat.app.d mActivity;
    private e mAzureActivationErrorListener;
    private final boolean onlyConnectToAzure;
    private final int resIdButton;
    private final int resIdProgressbar;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public class a implements com.microsoft.identity.client.h {
        a(AzureAuthenticationHelper azureAuthenticationHelper) {
        }

        @Override // com.microsoft.identity.client.h
        public void a(String str, Logger.LogLevel logLevel, String str2, boolean z) {
            if (z) {
                return;
            }
            int i2 = d.f10869a[logLevel.ordinal()];
            if (i2 == 1) {
                com.sophos.smsec.core.smsectrace.c.i("MSAL-" + str, str2);
                return;
            }
            if (i2 != 2) {
                com.sophos.smsec.core.smsectrace.c.v("MSAL-" + str, str2);
                return;
            }
            com.sophos.smsec.core.smsectrace.c.S("MSAL-" + str, str2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public class b implements ILoggerCallback {
        b(AzureAuthenticationHelper azureAuthenticationHelper) {
        }

        @Override // com.microsoft.identity.common.internal.logging.ILoggerCallback
        public void log(String str, Logger.LogLevel logLevel, String str2, boolean z) {
            if (z) {
                return;
            }
            int i2 = d.f10870b[logLevel.ordinal()];
            if (i2 == 1) {
                com.sophos.smsec.core.smsectrace.c.i("MSID-" + str, str2);
                return;
            }
            if (i2 != 2) {
                com.sophos.smsec.core.smsectrace.c.v("MSID-" + str, str2);
                return;
            }
            com.sophos.smsec.core.smsectrace.c.S("MSID-" + str, str2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public class c implements j.a {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ String[] f10867a;

        c(String[] strArr) {
            this.f10867a = strArr;
        }

        @Override // com.microsoft.identity.client.j.a
        public void a(MsalException msalException) {
            d.d.a.a.c("IntuneEnrollment", "MS_ERROR:SAPCA##" + msalException.getMessage());
            com.sophos.smsec.core.smsectrace.c.j("AzureAuthenticationHel", "onError: ", msalException);
            AzureAuthenticationHelper.this.mAzureActivationErrorListener.a();
        }

        @Override // com.microsoft.identity.client.j.a
        public void b(j jVar) {
            com.microsoft.identity.client.t.a aVar = new com.microsoft.identity.client.t.a();
            com.microsoft.identity.client.t.e eVar = new com.microsoft.identity.client.t.e();
            eVar.d(Boolean.TRUE);
            aVar.f("deviceid", eVar);
            a.C0162a i2 = new a.C0162a().j(Arrays.asList(this.f10867a)).i(aVar);
            i2.u(AzureAuthenticationHelper.this.b(jVar));
            i2.t(AzureAuthenticationHelper.this.mActivity);
            jVar.a(i2.r());
        }
    }

    /* loaded from: classes3.dex */
    static /* synthetic */ class d {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f10869a;

        /* renamed from: b, reason: collision with root package name */
        static final /* synthetic */ int[] f10870b;

        static {
            int[] iArr = new int[Logger.LogLevel.values().length];
            f10870b = iArr;
            try {
                iArr[Logger.LogLevel.ERROR.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f10870b[Logger.LogLevel.WARN.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f10870b[Logger.LogLevel.INFO.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                f10870b[Logger.LogLevel.VERBOSE.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            int[] iArr2 = new int[Logger.LogLevel.values().length];
            f10869a = iArr2;
            try {
                iArr2[Logger.LogLevel.ERROR.ordinal()] = 1;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                f10869a[Logger.LogLevel.WARNING.ordinal()] = 2;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                f10869a[Logger.LogLevel.INFO.ordinal()] = 3;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                f10869a[Logger.LogLevel.VERBOSE.ordinal()] = 4;
            } catch (NoSuchFieldError unused8) {
            }
        }
    }

    /* loaded from: classes3.dex */
    public interface e {
        void a();
    }

    @SuppressLint({"ValidFragment"})
    /* loaded from: classes3.dex */
    public static class f extends com.sophos.smsec.c.b.l.c {
        private androidx.appcompat.app.d q;

        f(androidx.appcompat.app.d dVar) {
            super(com.sophos.smsec.cloud.h.azure_need_to_enroll_company_portal_title, com.sophos.smsec.cloud.h.azure_need_to_install_company_portal, com.sophos.smsec.cloud.h.azure_install_company_portal, com.sophos.smsec.cloud.h.azure_install_intune);
            this.q = dVar;
        }

        private void q0(String str) {
            try {
                try {
                    this.q.startActivity(new Intent("android.intent.action.VIEW", Uri.parse("market://details?id=" + str)));
                    Toast.makeText(this.q, com.sophos.smsec.cloud.h.azure_need_to_install_company_portal, 1).show();
                } catch (ActivityNotFoundException unused) {
                    new com.sophos.smsec.c.b.l.b(com.sophos.smsec.cloud.h.enrollment_header_text, com.sophos.smsec.cloud.h.azure_company_portal_not_installed).n0(this.q.getSupportFragmentManager());
                }
            } catch (ActivityNotFoundException unused2) {
                this.q.startActivity(new Intent("android.intent.action.VIEW", Uri.parse("https://play.google.com/store/apps/details?id=" + str)));
            }
        }

        @Override // com.sophos.smsec.c.b.l.c
        public void o0() {
            q0(AzureAuthenticationHelper.MICROSOFT_INTUNE_PKG);
        }

        @Override // com.sophos.smsec.c.b.l.c, androidx.fragment.app.b, android.content.DialogInterface.OnCancelListener
        public void onCancel(DialogInterface dialogInterface) {
            dialogInterface.dismiss();
        }

        @Override // com.sophos.smsec.c.b.l.c
        public void p0() {
            q0("com.microsoft.windowsintune.companyportal");
        }
    }

    @SuppressLint({"ValidFragment"})
    /* loaded from: classes3.dex */
    public static class g extends com.sophos.smsec.c.b.l.c {
        private AzureAuthenticationHelper q;
        private boolean t;

        g(AzureAuthenticationHelper azureAuthenticationHelper, boolean z) {
            super(com.sophos.smsec.cloud.h.azure_need_to_enroll_company_portal_title, com.sophos.smsec.cloud.h.azure_need_to_enroll_company_portal, com.sophos.smsec.cloud.h.azure_need_to_enroll_open, com.sophos.smsec.cloud.h.button_cancel);
            this.q = azureAuthenticationHelper;
            this.t = z;
        }

        @Override // com.sophos.smsec.c.b.l.c
        public void o0() {
            super.o0();
            d.d.a.a.c("IntuneEnrollment", "USER_ERROR:complete intune setup canceled");
        }

        @Override // com.sophos.smsec.c.b.l.c
        public void p0() {
            try {
                this.q.mActivity.startActivity(this.q.mActivity.getPackageManager().getLaunchIntentForPackage(this.t ? "com.microsoft.windowsintune.companyportal" : AzureAuthenticationHelper.MICROSOFT_INTUNE_PKG));
            } catch (Exception e2) {
                com.sophos.smsec.core.smsectrace.c.j("AzureAuthenticationHel", "cannot start com.microsoft.windowsintune.companyportal", e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public final class h implements Runnable {
        h() {
        }

        @Override // java.lang.Runnable
        public void run() {
            Button button = (Button) AzureAuthenticationHelper.this.mActivity.findViewById(AzureAuthenticationHelper.this.resIdButton);
            ProgressBar progressBar = (ProgressBar) AzureAuthenticationHelper.this.mActivity.findViewById(AzureAuthenticationHelper.this.resIdProgressbar);
            if (button != null) {
                button.setEnabled(false);
                button.setVisibility(8);
            }
            if (progressBar != null) {
                progressBar.setEnabled(true);
                progressBar.setVisibility(0);
            }
        }
    }

    /* loaded from: classes3.dex */
    final class i implements Runnable {
        i() {
        }

        @Override // java.lang.Runnable
        public void run() {
            Button button = (Button) AzureAuthenticationHelper.this.mActivity.findViewById(AzureAuthenticationHelper.this.resIdButton);
            ProgressBar progressBar = (ProgressBar) AzureAuthenticationHelper.this.mActivity.findViewById(AzureAuthenticationHelper.this.resIdProgressbar);
            if (progressBar != null) {
                progressBar.setEnabled(false);
                progressBar.setVisibility(8);
            }
            if (button != null) {
                button.setEnabled(true);
                button.setVisibility(0);
            }
        }
    }

    public AzureAuthenticationHelper(androidx.appcompat.app.d dVar, int i2, int i3, boolean z, e eVar) {
        this.mActivity = dVar;
        this.resIdProgressbar = i2;
        this.resIdButton = i3;
        this.mAzureActivationErrorListener = eVar;
        i();
        this.onlyConnectToAzure = z;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(String str, String str2, String str3, String str4) {
        m l = m.l(this.mActivity);
        l.L(false);
        setDeviceNameIfEmpty(str2, l);
        l.I(str2);
        l.N(str2);
        l.A(str4);
        l.B(str);
        l.z(str3);
        l.M(MTD_ENROLLMENT_TYPE);
        l.Q(true);
        com.sophos.smsec.cloud.commands.b.a(this.mActivity, new CommandRest("cmd_activation_mtd"));
        this.mActivity.finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public com.microsoft.identity.client.c b(final j jVar) {
        return new com.microsoft.identity.client.c() { // from class: com.sophos.smsec.cloud.azure.AzureAuthenticationHelper.4
            @Override // com.microsoft.identity.client.p
            public void a(MsalException msalException) {
                AzureAuthenticationHelper.this.mActivity.runOnUiThread(new i());
                Toast.makeText(AzureAuthenticationHelper.this.mActivity, "An Error occured\n" + msalException.getMessage(), 1).show();
                com.sophos.smsec.core.smsectrace.c.j("AzureAuthenticationHel", "onError: ", msalException);
                d.d.a.a.c("IntuneEnrollment", "MS_ERROR:ACT_CTX##" + msalException.getMessage());
                AzureAuthenticationHelper.this.mAzureActivationErrorListener.a();
            }

            @Override // com.microsoft.identity.client.p
            public void b(com.microsoft.identity.client.g gVar) {
                com.sophos.smsec.core.smsectrace.c.e("AzureAuthenticationHel", "onSuccess: ");
                String accessToken = gVar.getAccessToken();
                final String d2 = AzureAuthenticationHelper.this.d(gVar);
                final String f2 = AzureAuthenticationHelper.this.f(gVar);
                com.sophos.smsec.core.smsectrace.c.e("AzureAuthenticationHel", "onSuccess: deviceID: " + d2);
                AzureAuthenticationHelper.this.mActivity.runOnUiThread(new i());
                if (!TextUtils.isEmpty(d2)) {
                    if (AzureAuthenticationHelper.this.onlyConnectToAzure) {
                        AzureAuthenticationHelper.this.j(d2);
                        return;
                    }
                    final com.sophos.smsec.core.resources.dialog.a aVar = new com.sophos.smsec.core.resources.dialog.a(AzureAuthenticationHelper.this.mActivity);
                    aVar.s(true);
                    aVar.h(AzureAuthenticationHelper.this.mActivity.getString(com.sophos.smsec.cloud.h.azure_connecting_in_progress));
                    aVar.show();
                    com.sophos.smsec.cloud.azure.b.d(accessToken, new ResultReceiver(new Handler()) { // from class: com.sophos.smsec.cloud.azure.AzureAuthenticationHelper.4.1
                        @Override // android.os.ResultReceiver
                        protected void onReceiveResult(int i2, Bundle bundle) {
                            super.onReceiveResult(i2, bundle);
                            aVar.dismiss();
                            if (i2 != -1) {
                                d.d.a.a.c("IntuneEnrollment", "SOPH_ERROR:Could not get CASL token - response != ok");
                                AzureAuthenticationHelper.this.mAzureActivationErrorListener.a();
                                return;
                            }
                            Serializable serializable = bundle.getSerializable("response");
                            if (serializable instanceof Response) {
                                Response response = (Response) serializable;
                                JWT responseJWT = response.getResponseJWT();
                                if (responseJWT != null) {
                                    AzureAuthenticationHelper.this.a(responseJWT.c(MicrosoftIdToken.AUDIENCE).asString(), d2, f2, response.getResponseJWTString());
                                } else {
                                    Toast.makeText(AzureAuthenticationHelper.this.mActivity, AzureAuthenticationHelper.this.mActivity.getString(com.sophos.smsec.cloud.h.mtd_error_no_jwt_received), 1).show();
                                    d.d.a.a.c("IntuneEnrollment", "SOPH_ERROR:Could not get CASL token");
                                    AzureAuthenticationHelper.this.mAzureActivationErrorListener.a();
                                }
                            }
                        }
                    });
                    return;
                }
                q i2 = AzureAuthenticationHelper.this.mActivity.getSupportFragmentManager().i();
                com.sophos.smsec.c.b.l.b bVar = new com.sophos.smsec.c.b.l.b(com.sophos.smsec.cloud.h.msg_error, com.sophos.smsec.cloud.h.azure_company_portal_not_enrolled);
                i2.e(bVar, bVar.getTag());
                i2.j();
                j jVar2 = jVar;
                if (jVar2 instanceof com.microsoft.identity.client.q) {
                    try {
                        ((com.microsoft.identity.client.q) jVar2).A();
                    } catch (MsalException | InterruptedException e2) {
                        com.sophos.smsec.core.smsectrace.c.j("AzureAuthenticationHel", "onSuccess: ", e2);
                    }
                }
                d.d.a.a.c("IntuneEnrollment", "MS_ERROR:no deviceId received");
                AzureAuthenticationHelper.this.mAzureActivationErrorListener.a();
            }

            @Override // com.microsoft.identity.client.c
            public void onCancel() {
                AzureAuthenticationHelper.this.mActivity.runOnUiThread(new i());
                d.d.a.a.c("IntuneEnrollment", "USER_ERROR:User has cancelled enrollment");
                com.sophos.smsec.core.smsectrace.c.S("AzureAuthenticationHel", "onCancel");
                AzureAuthenticationHelper.this.mAzureActivationErrorListener.a();
            }
        };
    }

    private RuntimePermissionCheck c() {
        if (f10859b == null) {
            int i2 = com.sophos.smsec.cloud.h.azure_contacts_permission_title;
            int i3 = com.sophos.smsec.cloud.h.azure_contacts_permission_description;
            f10859b = new RuntimePermissionCheck("android.permission.GET_ACCOUNTS", 2134, i2, i3, i3, com.sophos.smsec.cloud.h.azure_contacts_permission_denial);
        }
        return f10859b;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String d(com.microsoft.identity.client.g gVar) {
        if (gVar == null) {
            return null;
        }
        gVar.getAccessToken();
        return new JWT(gVar.getAccessToken()).c("deviceid").asString();
    }

    private PhoneRuntimePermissionCheck e() {
        if (f10860c == null) {
            f10860c = new PhoneRuntimePermissionCheck(2135, com.sophos.smsec.cloud.h.settings_permission_phone_description);
        }
        return f10860c;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String f(com.microsoft.identity.client.g gVar) {
        if (gVar == null) {
            return null;
        }
        gVar.getAccessToken();
        return new JWT(gVar.getAccessToken()).c("unique_name").asString();
    }

    private static boolean g(Context context, String str) {
        DevicePolicyManager devicePolicyManager;
        if (!r.b(context) || (devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy")) == null) {
            return false;
        }
        return devicePolicyManager.isDeviceOwnerApp(str);
    }

    private static boolean h(Context context, String str) {
        DevicePolicyManager devicePolicyManager;
        if (!r.b(context) || (devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy")) == null) {
            return false;
        }
        return devicePolicyManager.isProfileOwnerApp(str);
    }

    private void i() {
        try {
            com.microsoft.identity.client.Logger.b().e(new a(this));
        } catch (IllegalStateException e2) {
            com.sophos.smsec.core.smsectrace.c.S("AzureAuthenticationHel", "registerLogger: " + e2.getMessage());
        }
        com.microsoft.identity.common.internal.logging.Logger.getInstance().setExternalLogger(new b(this));
    }

    public static boolean isGCloudDPCOwner(Context context) {
        return g(context, GOOGLE_CLOUD_DPC) || h(context, GOOGLE_CLOUD_DPC);
    }

    public static boolean isMicrosoftCompanyPortalInstalled(Context context) {
        return com.sophos.smsec.core.smsutils.a.e(context, "com.microsoft.windowsintune.companyportal");
    }

    public static boolean isMicrosoftIntuneInstalled(Context context) {
        return com.sophos.smsec.core.smsutils.a.e(context, MICROSOFT_INTUNE_PKG);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void j(String str) {
        m l = m.l(this.mActivity);
        setDeviceNameIfEmpty(str, l);
        l.N(str);
        l.M(MTD_ENROLLMENT_TYPE);
        com.sophos.smsec.cloud.commands.b.d(this.mActivity);
        this.mActivity.finish();
    }

    public void handleAuthenticateClicked(boolean z) {
        if (!z) {
            d.d.a.a.c("IntuneEnrollment", "START:Start MTD enrollment");
        }
        boolean isMicrosoftIntuneInstalled = isMicrosoftIntuneInstalled(this.mActivity);
        boolean isMicrosoftCompanyPortalInstalled = isMicrosoftCompanyPortalInstalled(this.mActivity);
        if (!isMicrosoftCompanyPortalInstalled && !isMicrosoftIntuneInstalled) {
            d.d.a.a.c("IntuneEnrollment", "USER_ERROR:Company Portal nor Intune not installed");
            f fVar = new f(this.mActivity);
            q i2 = this.mActivity.getSupportFragmentManager().i();
            i2.e(fVar, fVar.getTag());
            i2.j();
            return;
        }
        if (!d.d.b.a.d.q.c(this.mActivity)) {
            d.d.a.a.c("IntuneEnrollment", "USER_ERROR:No internet connection");
            new com.sophos.smsec.c.b.l.b(com.sophos.smsec.cloud.h.enrollment_header_text, com.sophos.smsec.cloud.h.warning_no_network).n0(this.mActivity.getSupportFragmentManager());
            return;
        }
        if (!c().isGranted(this.mActivity)) {
            c().check((androidx.fragment.app.c) this.mActivity);
            return;
        }
        if (!e().isGranted(this.mActivity)) {
            e().check((androidx.fragment.app.c) this.mActivity);
            return;
        }
        if (com.sophos.smsec.core.enabledeviceadmin.a.i(this.mActivity, "com.microsoft.windowsintune.companyportal") || (isGCloudDPCOwner(this.mActivity) && isMicrosoftCompanyPortalInstalled)) {
            this.mActivity.runOnUiThread(new h());
            Toast.makeText(this.mActivity, com.sophos.smsec.cloud.h.azure_enroll_hint, 1).show();
            com.microsoft.identity.client.m.e(this.mActivity, com.sophos.smsec.cloud.g.msal_config_prod, new c(new String[]{f10858a ? "https://SophosTechnology.onmicrosoft.com/bf4fa897-3d78-42e1-9d43-3896f4126e1a/enroll" : "https://SophosTechnology.onmicrosoft.com/1020ac7d-5704-4c49-86cd-7ef6f4433f0d/enroll"}));
        } else {
            q i3 = this.mActivity.getSupportFragmentManager().i();
            g gVar = new g(this, isMicrosoftCompanyPortalInstalled(this.mActivity));
            i3.e(gVar, gVar.getTag());
            i3.j();
        }
    }

    public void onActivityResult(int i2, int i3, Intent intent) {
        com.sophos.smsec.core.smsectrace.c.e("AzureAuthenticationHel", "onActivityResult() called with: requestCode = [" + i2 + "], resultCode = [" + i3 + "], data = [" + intent + "]");
    }

    public void onRequestPermissionsResult(int i2, String[] strArr, int[] iArr) {
        if (c().handlePermissionResult(this.mActivity, i2, strArr, iArr) || e().handlePermissionResult(this.mActivity, i2, strArr, iArr)) {
            handleAuthenticateClicked(true);
        }
    }

    protected void setDeviceNameIfEmpty(String str, m mVar) {
        if (StringUtils.isEmpty(mVar.j())) {
            mVar.O(MTD_DEVICE_NAME_PREFIX + str);
        }
    }
}
